UbuntuUpdates.org

Package "wpasupplicant"

Name: wpasupplicant

Description:

client support for WPA and WPA2 (IEEE 802.11i)

Latest version: 0.7.3-6ubuntu2.5
Release: precise (12.04)
Level: updates
Repository: main
Homepage: http://w1.fi/wpa_supplicant/

Links


Download "wpasupplicant"


Other versions of "wpasupplicant" in Precise

Repository Area Version
base universe 0.7.3-6ubuntu2
base main 0.7.3-6ubuntu2
security main 0.7.3-6ubuntu2.5
security universe 0.7.3-6ubuntu2.5
updates universe 0.7.3-6ubuntu2.5

Changelog

Version: 0.7.3-6ubuntu2.5 2021-05-03 16:06:20 UTC

  wpasupplicant (0.7.3-6ubuntu2.5) precise-security; urgency=medium

   * SECURITY UPDATE: Incorrect indication of disconnection in certain
     situations
     - debian/patches/CVE-2019-16275.patch: silently ignore management
       frame from unexpected source address in src/ap/drv_callbacks.c,
       src/ap/ieee882_11.c.
     - CVE-2019-16275

 -- <email address hidden> (Leonidas S. Barbosa) Tue, 17 Sep 2019 10:27:33 -0300

Source diff to previous version
CVE-2019-16275 hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address valida

Version: 0.7.3-6ubuntu2.4 2015-06-16 18:07:03 UTC

  wpasupplicant (0.7.3-6ubuntu2.4) precise-security; urgency=medium

  * SECURITY UPDATE: denial of service via AP mode WMM Action frame
    - debian/patches/CVE-2015-4142.patch: check length in src/ap/wmm.c.
    - CVE-2015-4142

 -- Marc Deslauriers <email address hidden> Mon, 15 Jun 2015 10:35:48 -0400

Source diff to previous version
CVE-2015-4142 Integer underflow in AP mode WMM Action frame processing

Version: 0.7.3-6ubuntu2.3 2014-10-14 21:07:19 UTC

  wpasupplicant (0.7.3-6ubuntu2.3) precise-security; urgency=medium

  * SECURITY UPDATE: arbitrary command execution via unsanitized string
    passed to action scripts by wpa_cli
    - debian/patches/CVE-2014-3686.patch: added os_exec() helper to
      src/utils/os.h, src/utils/os_unix.c, src/utils/os_win32.c,
      use instead of system() in wpa_supplicant/wpa_cli.c.
    - CVE-2014-3686
 -- Marc Deslauriers <email address hidden> Fri, 10 Oct 2014 09:23:53 -0400

Source diff to previous version
CVE-2014-3686 action script execution vulnerability

Version: 0.7.3-6ubuntu2.2 2013-11-05 15:06:23 UTC

  wpasupplicant (0.7.3-6ubuntu2.2) precise-proposed; urgency=low

  * Multiple patches to reduce the number of disconnections for WPA Enterprise
    roaming and Opportunistic Key Caching. (LP: #1187524)
  * In debian/patches:
    0001-sme-fix-retry-after-auth-assoc-timeout-failure.patch,
    0002-sme-optimize-recovery-from-common-load-balancing-mechanisms.patch,
    0003-sme-blacklist-bss-on-first-failure-if-only-a-*.patch,
    0004-sme-extend-load-balancing-optimization-in-bss-blacklisting.patch,
    0005-sme-optimize-recovery-from-association-command-failures.patch,
    0006-sme-add-timers-for-authentication-and-association.patch,
    0007-sme-nl80211-set-cipher-suites.patch:
    Cherry-pick patches fixing SME (Session Management Entity) for the nl80211
    driver, which works as a basis for the OKC patches.
  * In debian/patches:
    0001-pmkokc-Set-portValid-TRUE-on-association-for-driver-based-4.patch,
    0002-pmkokc-Clear-WPA-and-EAPOL-state-machine-config-pointer-on-.patch,
    0003-pmkokc-Clear-driver-PMKSA-cache-entry-on-PMKSA-cache-expira.patch,
    0004-pmkokc-Flush-PMKSA-cache-entries-and-invalidate-EAP-state-o.patch,
    0005-pmkokc-Fix-proactive_key_caching-configuration-to-WPA-code.patch,
    0006-pmkokc-RSN-Add-a-debug-message-when-considing-addition-of-O.patch,
    0007-pmkokc-Clear-OKC-based-PMKSA-caching-entries-if-PMK-is-chan.patch,
    0008-pmkokc-Move-wpa_sm_remove_pmkid-call-to-PMKSA-cache-entry-f.patch,
    0009-pmkokc-Use-PMKSA-cache-entries-with-only-a-single-network-c.patch,
    0010-pmkokc-PMKSA-Do-not-evict-active-cache-entry-when-adding-ne.patch,
    0011-pmkokc-PMKSA-Set-cur_pmksa-pointer-during-initial-associati.patch,
    0012-pmkokc-PMKSA-make-deauthentication-due-to-cache-entry-remov.patch,
    0013-pmkokc-PMKSA-update-current-cache-entry-due-to-association-.patch:
    Cherry-pick patches to properly do OKC (Opportunistic Key Caching) which
    helps maintaining connectivity on networks secured with WPA Enterprise,
    especially on nl80211-based drivers -- these patches require SME, and add
    or fix key caching and handling of the cache entries.
  * debian/patches/force-enable-okc.patch: force Opportunistic Key Caching to
    be enabled.
  * debian/patches/less-aggressive-roaming.patch: use less aggressive roaming
    settings to avoid switching to another AP unnecessarily, when the actual
    signal level difference is small.
  * debian/patches/wpa_supplicant-dbus-null-error.patch: Don't send NULL to
    dbus_message_new_error().
  * debian/patches/0001-nl80211-Fix-UNSPEC-signal-quality-reporting.patch: fix
    marking qual as invalid rather than signal level.
  * debian/patches/wpa_supplicant-squelch-driver-disconnect-spam.patch: recover
    cleanly from streams of disconnect messages (like on iwl3945).
  * debian/patches/wpa_supplicant-assoc-timeout.patch: increase association
    timeouts.
 -- Mathieu Trudel-Lapierre <email address hidden> Wed, 12 Jun 2013 15:57:50 -0400

Source diff to previous version
1187524 Frequent disconnects under certain network conditions

Version: 0.7.3-6ubuntu2.1 2012-10-15 21:06:55 UTC

  wpasupplicant (0.7.3-6ubuntu2.1) precise-proposed; urgency=low

  * debian/patches/session-ticket.patch: disable the TLS Session Ticket
    extension to fix auth with 802.1x PEAP on some hardware. (LP: #969343)
 -- Mathieu Trudel-Lapierre <email address hidden> Mon, 17 Sep 2012 17:08:22 -0400




About   -   Send Feedback to @ubuntu_updates